Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
File: 304afa07-08cf-4abd-b55e-949deeea1591.roa (raw, json)
Hash identifier: CoBsGUX0ycgeBACmcg/clQhPpNwx9DAjntteOtd4xfg=
Subject key identifier: 36:D1:E7:AE:3F:7A:A2:89:5A:DE:DD:18:A6:B0:E2:B6:0F:BC:C2:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08496CCF16285E13F49B495BAD7F6D82EFAC8D76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
Signing time: Fri 18 Apr 2025 18:30:18 +0000
ROA not before: Fri 18 Apr 2025 18:30:18 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:49:6c:cf:16:28:5e:13:f4:9b:49:5b:ad:7f:6d:82:ef:ac:8d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:18 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=0cc5f9e461761aa0e11b701fbadc7838f6563fb5e5a6b37e4ebbb4a5c3391003, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:01:fe:b2:e4:78:2e:5b:f2:1b:2a:93:0a:b9:
7a:33:2a:c1:8b:0e:1d:b0:dd:fc:f4:1d:06:af:33:
bd:ef:fa:c8:98:6d:f8:e5:44:29:7c:ea:82:88:a2:
64:c3:04:c4:1a:43:ff:52:25:cc:42:e6:f8:c9:ff:
29:75:71:50:08:b7:46:ea:9f:ff:27:1d:99:b9:de:
0a:3a:ce:7e:07:71:51:60:34:98:b8:77:a1:0c:e8:
1d:84:3b:df:20:cd:8e:92:7b:eb:77:da:16:c0:45:
58:c8:7e:dd:b8:ad:1b:ea:a8:26:a3:34:5f:57:9c:
b8:a5:75:59:71:6c:ff:26:54:49:af:c4:44:60:ac:
85:84:fa:ee:75:f1:7c:5c:da:a0:06:14:e9:8e:58:
27:1d:ce:fe:3e:21:66:13:91:d0:71:4b:71:3c:29:
6b:f8:c0:53:e8:93:f7:35:02:74:bb:1c:a8:25:e6:
b9:75:b4:09:97:df:3c:b0:f3:4c:3c:11:87:e3:2b:
56:b1:7c:a2:f1:5d:76:93:fa:b0:4a:a7:2d:7e:bb:
0b:9f:6c:ce:71:35:93:e8:9b:82:dc:63:b1:0c:fb:
1c:58:dd:9a:d6:fc:1c:f9:c0:d5:46:81:ca:ce:69:
a3:40:be:63:b1:6a:aa:7e:41:67:11:cf:1d:8c:7d:
d7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D1:E7:AE:3F:7A:A2:89:5A:DE:DD:18:A6:B0:E2:B6:0F:BC:C2:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
53:1b:f8:b6:a3:0d:f1:6b:10:15:d7:67:f0:23:9a:66:b4:0a:
95:b8:57:3b:96:3e:0f:73:04:13:c7:da:d2:a5:ca:bc:1a:52:
c5:a0:8f:8f:fc:54:56:52:c5:79:1c:1e:90:2a:62:d8:ae:4c:
54:07:00:e5:68:1c:33:f5:81:66:c1:b9:e7:cb:c5:01:98:b0:
42:d2:c6:06:d8:92:35:4c:6e:bf:3d:b7:ea:9d:3e:35:35:60:
ec:4e:33:cb:83:c5:2c:8e:3a:f6:ad:60:94:18:15:be:d3:0c:
07:fe:1e:20:09:7b:aa:88:07:4f:4e:ef:41:29:fc:82:f9:71:
b7:62:19:46:f7:18:1f:e0:4f:d2:f4:1e:20:fe:8a:ab:c1:f3:
be:0f:48:ad:04:ae:a8:31:20:d5:ff:2c:24:d7:11:8c:a0:78:
e3:fb:73:35:7f:f4:01:90:3b:c1:46:48:e3:46:37:e4:8a:6f:
02:db:36:a0:56:21:4e:1a:e1:88:d9:48:28:fb:d0:1a:ef:fb:
cf:88:5c:e2:b3:76:4b:8e:90:34:7a:bf:52:da:06:c9:ee:27:
62:24:8c:f6:da:04:01:43:08:68:31:9d:ba:10:7d:0e:e5:4e:
88:df:99:26:b7:72:0c:20:20:82:d4:4c:1f:12:da:c0:1e:d4:
01:e8:44:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCElszxYoXhP0m0lbrX9tgu+sjXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMThaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYzVmOWU0NjE3NjFhYTBlMTFiNzAxZmJhZGM3ODM4ZjY1NjNmYjVlNWE2
YjM3ZTRlYmJiNGE1YzMzOTEwMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAB/rLkeC5b8hsqkwq5ejMqwYsOHbDd/PQdBq8zve/6yJht+OVEKXzqgoii
ZMMExBpD/1IlzELm+Mn/KXVxUAi3Ruqf/ycdmbneCjrOfgdxUWA0mLh3oQzoHYQ7
3yDNjpJ763faFsBFWMh+3bitG+qoJqM0X1ecuKV1WXFs/yZUSa/ERGCshYT67nXx
fFzaoAYU6Y5YJx3O/j4hZhOR0HFLcTwpa/jAU+iT9zUCdLscqCXmuXW0CZffPLDz
TDwRh+MrVrF8ovFddpP6sEqnLX67C59sznE1k+ibgtxjsQz7HFjdmtb8HPnA1UaB
ys5po0C+Y7Fqqn5BZxHPHYx910cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ20eeu
P3qiiVre3RimsOK2D7zCJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA0YWZhMDctMDhjZi00YWJkLWI1NWUtOTQ5ZGVlZWExNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTG/i2ow3xaxAV12fwI5pmtAqVuFc7lj4PcwQT
x9rSpcq8GlLFoI+P/FRWUsV5HB6QKmLYrkxUBwDlaBwz9YFmwbnny8UBmLBC0sYG
2JI1TG6/PbfqnT41NWDsTjPLg8Usjjr2rWCUGBW+0wwH/h4gCXuqiAdPTu9BKfyC
+XG3YhlG9xgf4E/S9B4g/oqrwfO+D0itBK6oMSDV/ywk1xGMoHjj+3M1f/QBkDvB
RkjjRjfkim8C2zagViFOGuGI2Ugo+9Aa7/vPiFzis3ZLjpA0er9S2gbJ7idiJIz2
2gQBQwhoMZ26EH0O5U6I35kmt3IMICCC1EwfEtrAHtQB6EQL
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:11 2025 by rpki-client